Yet another quick hello to a friend, VJ, who came to visit New York this weekend, and told me that he’s made Q his home page. (In my thinking, if someone goes and shows a commitment like that, they deserve a public hello!)

ABC News uses a custom Perl redirect script to send people to stories on their site from the Go.com home page (look in the lefthand navigation bar for the links). This redirect script has an incorrect implementation of HTTP responses to requests — it terminates every line with a straight line feed, rather than the carriage return-line feed combo that’s required by both the HTTP 1.0 and HTTP 1.1 specifications (see sections five and six). Some HTTP clients (the few I’ve found are all components that you can use in your own programs) fail with only line feeds, and won’t accept the HTTP response. I emailed them about this in late January, and they responded in early February that they were aware of the problem and would fix it. It’s now mid-April, and it’s unfixed; that’s pretty pathetic.

To me, this is similar to the way that CNN responded to the hundreds of users that complained about the fact that their redesign resulted in the fonts on the home page and article detail pages being way too small to read. They initially told everyone to increase the size of the fonts in their browser (who cares that it was only their site that was broken); then, they just stopped responding at all. It wasn’t until two months had passed that they actually fixed the problem. Websites like this act like they don’t need to attract users, and they manage to push people like me away.

In perusing the logfiles on a Linux box of mine, I’m seeing a few distinct, obvious attempts by a University of Delaware student (or someone affiliated — I shouldn’t assume it’s a student) to break into the webserver. They’re all from one of the university’s shared Solaris boxes; at my school, this is an offense for which your account is immediately revoked on the machines (meaning you lose your university email, as well), and you’re brought before the disciplinary board of the entire school.

Comments

I’m the technology coordinator for a school district in Oregon, and I’ve seen the same attempts to break into the webservers in our district. What can be done about it?

What I do about it is contact the administrators for the networks that originate the breakin attempts, and send them copies of the log files that demonstrate the problem. If I don’t hear back from them, then I write again, and say that without a response, I’ll be left with no other option than to shut down access from their network to my network. If I still don’t hear from them, then I just shut down that network at my router, and get on with my life.

Please note that comments automatically close after 60 days; the comment spammers love to use the older, rarely-viewed pages to work their magic. If comments are closed and you want to let me know something, feel free to use the contact page!

Search

Who am I?

I'm Jason Levine, and have been keeping this site since the waning days of 1999. I'm a physician, a husband, a father, a scientist, an uncle, a photographer, and an unapologetic geek. I currently live in Washington, DC, and wear the two hats of a bioinformatics researcher and a clinical pediatric hematologist and oncologist.